Lifeboat Foundation

Security breach took place on January 7, but the city said it detected the intrusion in time to prevent any damage.

Microsoft has released a security patch for a dangerous vulnerability affecting hundreds of millions of computers running Windows 10.

The vulnerability is found in a decades-old Windows cryptographic component, known as CryptoAPI. The component has a range of functions, one of which allows developers to digitally sign their software, proving that the software has not been tampered with. But the bug may allow attackers to spoof legitimate software, potentially making it easier to run malicious software — like ransomware — on a vulnerable computer.

“The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider,” Microsoft said.

Cable Haunt lets attackers take complete control when targets visit booby-trapped sites.

The United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert that strongly urges users and administrators alike to update a VPN with long-since disclosed critical vulnerabilities. “Affected organizations that have not applied the software patch to fix a remote code execution (RCE) vulnerability,” the CISA alert warns, “can become compromised in an attack.” What has dictated the need for this level of Government agency interest and the urgency of the language used? The simple answer is the ongoing Travelex foreign currency exchange cyber-attack, thought to have been facilitated by no less than seven VPN servers that were late in being patched against this critical vulnerability. The vulnerability in question is CVE-2019–11510, first disclosed way back in April 2019 when Pulse Secure VPN also released a patch to fix it.

Critical VPN security vulnerability timeline

The CISA alert provides a telling timeline that outlines how the Pulse Secure VPN critical vulnerability, CVE-2019–11510, became such a hot security potato. Pulse Secure first released an advisory regarding the vulnerabilities in the VPN on April 24, 2019. “Multiple vulnerabilities were discovered and have been resolved in Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS),” that advisory warned, “this includes an authentication by-pass vulnerability that can allow an unauthenticated user to perform a remote arbitrary file access on the Pulse Connect Secure gateway.” An upgrade patch to fix the problem, which had been rated as critical, was made available at the same time. Warning users that the vulnerabilities posed a “significant risk to your deployment,” Pulse Secure recommended patching as soon as possible.

The Department of Homeland Security is preparing for possible cyberattack from Iran. Officials said it could target finance, energy and telecom companies. Gov. Roy Cooper is urging people to pay attention to keep North Carolina’s computer networks safe.

Click the video player above to learn how to stay safe online .

Cyber-attackers have ramped up their campaigns against the travel industry and those who use it.

Threats of cyber attacks on North America’s electric network systems are growing, industrial cybersecurity firm Dragos said in a new report this week.

This year, the firm has identified two groups, Magnallium and Xenotime, which are increasingly probing to compromise electric assets in North America, expanding their targeting from the oil and gas sector to include electric assets.

“This underscores the trend in threats expanding from single-vertical ICS operations to multi-vertical ICS operations we observe from adversaries targeting industrial entities,” Dragos said in its report.

The US Cybersecurity and Infrastructure Security Agency (CISA) today alerted organizations to patch their Pulse Secure VPN servers as a defense against ongoing attacks trying to exploit a known remote code execution (RCE) vulnerability.

This warning follows another alert issued by CISA in October 2019, and others coming from the National Security Agency (NSA), the Canadian Centre for Cyber Security, and UK’s National Cyber Security Center (NCSC).

Pulse Secure reported the vulnerability tracked as CVE-2019–11510 and disclosed by Orange Tsai and Meh Chang from the DEVCORE research team, and by Jake Valletta from FireEye in an April 2019 out-of-cycle advisory.

Dunwoody officials said Thursday that no data was compromised during the ransomware attack, which was detected on Christmas Eve and is now under investigation by the FBI. The intrusion was quickly identified by staff, which worked with the city’s computer security contractors at InterDev to shut down servers and disconnect computers in order to limit the impact of the attack.

“As soon as we detected a problem, we took immediate steps to protect the city’s infrastructure,” Ashley Smith, InterDev’s director of government services, said in a news release. “Data back-ups were used to fully restore systems with no loss.”

Dunwoody police Chief Billy Grogan said the attackers demanded a ransom be paid in bitcoin, a digital currency. He declined to reveal the amount requested but said the city did not pay.